Fake/Redirected Search Results – Consequences for You

I hate being victimized! Unfortunately, all of us who use the Internet can be victimized in ways that sometimes defy credibility. Ironically, even those of us who specialize in Internet security can be targeted by cyber-criminals.

Several weeks ago, one of my Blog sites was the target of redirected search engine results. Essentially, what had been happening is this – when a search was made by a web user which produced a result listing my site, and the user clicked on that link, in some circumstances, the user was redirected to a site, or page, controlled by a hijacker.

While this exploit didn’t impact me financially, since I don’t run ads on my sites, it was disappointing knowing that cyber-criminals were potentially benefiting economically from the results of my efforts. Very often, the purpose behind this type of attack is the hacker’s need to increase his site’s reputation on Google, and other search engines, by fraudulently increasing the site’s hits. This can lead to an increase in profits generated by that site.

The dangers to you:

Those of us who are involved in Internet security know – cyber-crooks are unrelenting in their chase to infect web search results. We know that there has been a steady increase in the use of custom-built Websites designed to drop malicious code on computers, and in the manipulation of legitimate pages in order to infect computers with malware.

Earlier today, I read on the Darkreading Website, a security site for IT professionals, “that hackers have launched a multi-faceted attack on the Website of the popular AARP organization, rerouting traffic from the seniors’ association to pornography sites”. A bit chancy, I would have thought.

Other common techniques used by these cyber-criminals include the manipulation of search engine results, and the seeding of Websites among the top results returned by these engines. When a potential victim visits one of these sites the likelihood of the downloading of malicious code onto the computer, by exploiting existing vulnerabilities, is extremely high.

There are several ways that this can occur. Cyber-crooks can exploit vulnerabilities on the server hosting the web page to insert an iFrame, (an HTML element which makes it possible to embed another HTML document inside the main document). The iFrame can then activate the download of malicious code by exploiting additional vulnerabilities on the visiting machine.

Alternatively, a new web page can be built, with iFrames inserted, that can lead to malware downloads. This new web page appears to be legitimate.

Another method is the insertion of false dialogue boxes, fake toolbars, and more on sites; all designed to load destructive malware which could include rootkits, password stealers, Trojan horses, and spam bots.

So what can you do to ensure you are protected, or to reduce the chances you will become a victim?

Keep all applications (including your operating system) patched.

Install an Internet Browser add-on that provides protection against questionable or unsafe websites. My personal favorite is WOT (Web of Trust), an Internet Explorer/FireFox add-on that offers substantial protection against questionable or unsafe websites.

Turn off your computer or disconnect from the network when not in use.

Disable Java, JavaScript, and ActiveX if possible.

Disable scripting features in email programs.

Make regular backups of critical data.

Make a boot disk in case your computer is damaged or compromised.

Turn off file and printer sharing on the computer.

Install a personal firewall on the computer.

Install anti-virus and anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet.

Ensure the anti-virus software scans all e-mail attachments.

Advertisements

5 Comments

Filed under Browsers, Interconnectivity, Internet Safety, Internet Safety Tools, Malware Advisories, Online Safety, Search Engines, Spyware - Adware Protection, trojans, Viruses, Windows Tips and Tools

5 responses to “Fake/Redirected Search Results – Consequences for You

  1. Mr. Mullins,
    Thank you for sharing with us your personal experience with this very alarming state of affairs.

    It is absolutely appalling to me that we, as consumers and businesses alike, have allowed this to go on. (IT Security professionls have been aware of these things for quite some time–years, in some cases.)

    * We cannot trust search results
    * We cannot trust that hyperlinks take us to where we’re supposed to go.
    * when we get to our Website, we cannot trust that the page hasn’t been poisoned.
    * We know that cyber-crime costs at least $7 billion a year, and we know that it’s largely shrugged off.
    * If we pay to advertise our business online, how much clickfraud is happening?
    * Current anti-malware technology cannot keep pace with the new generation of spyware/tojan/keylogger (Google “antivirus is dead” if you care to see what I mean).
    * We cannot trust that our private e-mail is private.

    As a student of ITSec, I am convinced that things are at (or past) the breaking point, and I wonder, where’s the public outcry? Do businesses like spending money on ads that direct people elsewhere?
    It makes no sense…

  2. I hate when these results show up in google
    messing up good names just to exploit users….

  3. Hi Bill,
    One nice extension in Firefox is the “No Scripts” which allow you to opt in to scripts on a page by page basis. It is a hassle but if your surfing to unknown sites it’s a good idea to use “No Scripts”. And of course using a site filter like WOT, finjan and McAAfee siteadvisor are an additional layer of security.
    Cheers
    Mark

  4. Pingback: Block IFRAME For Added Protection « Tech–for Everyone

  5. Pingback: How To Block iFrames* « Tech–for Everyone